Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2026/03/26 3:2 p.m.0 views

CVE-2026-32013

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

8.8CVSS6.4AI score0.00049EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/19 10:6 p.m.1 views

CVE-2026-32013 OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

8.8CVSS6.4AI score0.00049EPSS
Exploits0References3
CVE
CVEadded 2026/03/19 10:6 p.m.6 views

CVE-2026-32013

OpenClaw is affected: versions prior to 2026.2.25 contain a symlink traversal in agents.files.get and agents.files.set that can read/write files outside the agent workspace. Attackers can access arbitrary host files within gateway process permissions by following symlinked allowlisted files, whic...

8.8CVSS6.2AI score0.00049EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/03/19 10:6 p.m.1 views

EUVD-2026-13275

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

8.8CVSS6.2AI score0.00049EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/03/19 10:6 p.m.14 views

CVE-2026-32013 OpenClaw < 2026.2.25 - Symlink Traversal in agents.files Methods

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

8.8CVSS0.00049EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/03/02 10:40 p.m.9 views

OpenClaw gateway agents.files symlink escape allowed out-of-workspace file read/write

Impact The gateway agents.files.get and agents.files.set methods allowed symlink traversal for allowlisted workspace files. A symlinked allowlisted file for example AGENTS.md could resolve outside the agent workspace and be read/written by the gateway process. This could enable arbitrary host fil...

8.8CVSS6.4AI score0.00049EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder